eTrust Audit Plug-In
The coexistence utility runs the eTrust Audit plug-in to scan the computer for eTrust Audit Version 1.5 registry keys and files before the installation begins, as follows:
capamsc141
The coexistence utility runs the eTrust Audit plug-in to scan the computer for eTrust Audit Version 1.5 registry keys and files before the
Privileged Access Manager
installation begins, as follows:- Queries the following registry key for existence:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\acdistagn.exe If successful it extracts the "Path" value designated %PathFromRegistry%.If the registry key exists, the plug-in:
- Reads the value of the Path entry
- Returns the following executable pathnames:FilePathFromRegistry\bin\acactmgr.exe FilePathFromRegistry\bin\SeLogRcd.exe FilePathFromRegistry\bin\acdistagn.exe FilePathFromRegistry\acdistsrv.exe FilePathFromRegistry\acfwrecd.exe FilePathFromRegistry\acrecorderd.exe FilePathFromRegistry\aclogrd.exe FilePathFromRegistry\portmap.exe FilePathFromRegistry\SeLogRec.exe FilePathFromRegistry\SeLogRd.exe FilePathFromRegistry\snmprec.exeThis is the default action as defined in the response file. The eTrust Audit plug-in does not add a trusted program (SPECIALPGM) rule by default.
- Stops the following services:
- "eAudit Action Manager"
- "eAudit Distribution Agent"
- "eAudit Log Router"
- "eAudit Recorder"
- "eAudit Redirector"
- "eAudit Portmap"
- "eTrust Audit Action Manager"
- "eTrust Audit Collector"
- "eTrust Audit Distribution Agent"
- "eTrust Audit Distribution Server"
- "eTrust Audit FW-1 Recorder"
- "eTrust Audit Generic Recorder"
- "eTrust Audit Log Router"
- "eTrust Audit Portmap"
- "eTrust Audit Recorder"
- "eTrust Audit Redirector"
- "eTrust Audit SNMP Recorder"
- When thePrivileged Access Managerinstallation completes, it restarts these same services.
The coexistence utility also runs the eTrust Audit plug-in to:
- Stop the eTrust Audit services when you uninstallPrivileged Access Manager
- Start the eTrust Audit services after thePrivileged Access Manageruninstall completes
The response file determines the default action that the coexistence utility performs at prescribed stages (what to do before
Privileged Access Manager
installation, after installation, and so on).